API or any remote method to activate rules?

ikkeT · November 19, 2017, 08:15:58 PM

Hi,

I fancy a physical button at home, which would kill certain devices network connectivity. Think of kid not stopping playing after several mentions about dinner.... :)

So I could use my BT button which controls rules in my OpenHAB home automation box. That could then call API of OPNSense to toggle certain FW group on/off.

Is there such API, or any samples doing it e.g. using curl? I didn't find API in docs.

BR,
ikke

franco · November 20, 2017, 07:43:04 AM

Hi Ikke,

For the firewall not yet. We've been working on making rules fully pluggable for plugins, but this is still missing NAT support. This and hopefully API support for alias updates is all we will be able to finish for 18.1.

Cheers,
Franco

buergeb · February 20, 2018, 10:45:06 PM

Hello Franco,

what does "for the firewall not yet" mean? Could you say please, if the feature for activaing/deactivating firewall rules via api is on the roadmap?

Thank you
Bodo

seamus · February 23, 2018, 10:23:20 AM

Quote from: ikkeT on November 19, 2017, 08:15:58 PM
Hi,

I fancy a physical button at home, which would kill certain devices network connectivity. Think of kid not stopping playing after several mentions about dinner.... :)

So I could use my BT button which controls rules in my OpenHAB home automation box. That could then call API of OPNSense to toggle certain FW group on/off.

Is there such API, or any samples doing it e.g. using curl? I didn't find API in docs.

Have you looked at the Firewall->Settings->Schedule config? Maybe a different way to accomplish your objective, but of course would require that you eat dinner at the same time :)

ikkeT · February 23, 2018, 10:52:08 AM

I have schedules set. Is there a way to update them over API?

seamus · February 23, 2018, 08:52:42 PM

Have you looked at this?: https://docs.opnsense.org/development/how-tos/api.html

It doesn't provide many details, but it states that "All components... receive API capabilities", so that would mean you should be able to do what you want... except for maybe the "physical button" part - but I guess you have a plan for that.

nycaleksey · October 12, 2020, 09:13:09 PM

Bumping this thread from 2.5 years ago.

Was the functionality to enable/disable firewall rules via API ever implemented? If not, does anyone know if it's on the roadmap ?

Thanks!

fabian · October 13, 2020, 06:23:10 AM

It is already there.

nycaleksey · October 14, 2020, 10:06:12 PM

Thank you! Do you know what API command can be used to enable certain rule and to disable it?

Tried reading the documentation at https://docs.opnsense.org/development/api/core/firewall.html but it's very limited.

lassieee · October 26, 2020, 02:44:58 PM

Stumbled upon this thread. Looking to implement this as well. Found this thread which seems to have the appropriate commands: https://forum.opnsense.org/index.php?topic=16943.0

edit: tried it, works like a charm :-)
docs: https://docs.opnsense.org/development/api/plugins/firewall.html

API or any remote method to activate rules?

ikkeT

November 19, 2017, 08:15:58 PM

franco

November 20, 2017, 07:43:04 AM #1

buergeb

February 20, 2018, 10:45:06 PM #2

seamus

February 23, 2018, 10:23:20 AM #3

ikkeT

February 23, 2018, 10:52:08 AM #4 Last Edit: February 23, 2018, 11:05:39 AM by ikkeT

seamus

February 23, 2018, 08:52:42 PM #5

nycaleksey

October 12, 2020, 09:13:09 PM #6

fabian

October 13, 2020, 06:23:10 AM #7

nycaleksey

October 14, 2020, 10:06:12 PM #8

lassieee

October 26, 2020, 02:44:58 PM #9 Last Edit: October 26, 2020, 05:07:23 PM by lassieee